CVE-2022-23093

ping reads raw IP packets from the network to process responses in the prpack function. As part of processing a response ping has to reconstruct the IP header, the ICMP header and if present a "quoted packet," which represents the packet that generated an ICMP error. The quoted packet again has a...

CVE-2022-23093

The CVE-2022-23093 issue affects FreeBSD ping(8). The vulnerability arises in pr_pack() when processing ICMP responses: if IP option headers follow the IP header in either the response or the quoted packet, the destination buffer can overflow by up to 40 bytes. This is a memory-safety bug that ca...

CVE-2022-23093 Stack overflow in ping(8)

ping reads raw IP packets from the network to process responses in the prpack function. As part of processing a response ping has to reconstruct the IP header, the ICMP header and if present a "quoted packet," which represents the packet that generated an ICMP error. The quoted packet again has a...

CVE-2022-23093 Stack overflow in ping(8)

ping reads raw IP packets from the network to process responses in the prpack function. As part of processing a response ping has to reconstruct the IP header, the ICMP header and if present a "quoted packet," which represents the packet that generated an ICMP error. The quoted packet again has a...

CVE-2024-24782

An unauthenticated attacker can send a ping request from one network to another through an error in the origin verification even though the ports are separated by VLAN...

CVE-2024-24782

An unauthenticated attacker can send a ping request from one network to another through an error in the origin verification even though the ports are separated by VLAN...

Design/Logic Flaw

An unauthenticated attacker can send a ping request from one network to another through an error in the origin verification even though the ports are separated by VLAN...

CVE-2024-24782 HIMA: Origin Validation Error in multiple products

An unauthenticated attacker can send a ping request from one network to another through an error in the origin verification even though the ports are separated by VLAN...

CVE-2024-24782

CVE-2024-24782 describes an access control/origin verification error that allows an unauthenticated attacker to send a ping between isolated networks (across VLAN-segregated ports). Affected products in the connected data include HIMA Paul Hildebrandt F Series and X Series, with the underlying is...

HIMA Paul Hildebrandt Multiple Product Access Control Error Vulnerability

The HIMA Paul Hildebrandt F Series and the HIMA Paul Hildebrandt X Series are both a line of electronic components from HIMA Paul Hildebrandt. An access control error vulnerability exists in multiple HIMA Paul Hildebrandt products that originates from an unauthenticated attacker being able to sen...

Ping Identity PingFederate Access Control Error Vulnerability

Ping Identity PingFederate is a flagship software-based federation server in the United States. used for identity management. Ping Identity A security vulnerability exists in PingFederate version 11.3, which stems from the fact that authentication can be bypassed...

PingDirectory security vulnerability

Ping Identity PingDirectory is a fast, scalable directory for storing identity and rich profile data from Ping Identity. A security vulnerability exists in PingDirectory. An attacker can exploit the vulnerability to elevate privileges...

PT-2024-14308 · Trendnet · Trendnet Tew-822Dre

Name of the Vulnerable Software and Affected Versions: TRENDnet TEW-822DRE version 1.03B02 Description: An issue allows a local attacker to execute arbitrary code via the ipv4 ping parameter in the "/boafrm/formSystemCheck" API endpoint. Recommendations: For TRENDnet TEW-822DRE version 1.03B02,...

ssh: Prefix truncation attack on Binary Packet Protocol (BPP)

A flaw was found in the SSH channel integrity. By manipulating sequence numbers during the handshake, an attacker can remove the initial messages on the secure channel without causing a MAC failure. For example, an attacker could disable the ping extension and thus disable the new countermeasure ...

ssh: Prefix truncation attack on Binary Packet Protocol (BPP)

A flaw was found in the SSH channel integrity. By manipulating sequence numbers during the handshake, an attacker can remove the initial messages on the secure channel without causing a MAC failure. For example, an attacker could disable the ping extension and thus disable the new countermeasure ...

ssh: Prefix truncation attack on Binary Packet Protocol (BPP)

A flaw was found in the SSH channel integrity. By manipulating sequence numbers during the handshake, an attacker can remove the initial messages on the secure channel without causing a MAC failure. For example, an attacker could disable the ping extension and thus disable the new countermeasure ...

CVE-2023-49038

Command injection in the ping utility on Buffalo LS210D 1.78-0.03 allows a remote authenticated attacker to inject arbitrary commands onto the NAS as root...

CVE-2024-1014

Uncontrolled resource consumption vulnerability in SE-elektronic GmbH E-DDC3.3 affecting versions 03.07.03 and higher. An attacker could interrupt the availability of the administration panel by sending multiple ICMP packets...

ssh: Prefix truncation attack on Binary Packet Protocol (BPP)

A flaw was found in the SSH channel integrity. By manipulating sequence numbers during the handshake, an attacker can remove the initial messages on the secure channel without causing a MAC failure. For example, an attacker could disable the ping extension and thus disable the new countermeasure ...

CVE-2024-0920

A vulnerability was found in TRENDnet TEW-822DRE 1.03B02. It has been declared as critical. This vulnerability affects unknown code of the file /adminping.htm of the component POST Request Handler. The manipulation of the argument ipv4ping/ipv6ping leads to command injection. The attack can be...